MDEV-4422 SHOW PROCESSLIST reference to THD::db not protected against simultaneous updates

protect THD::db with THD::LOCK_thd_data

MDEV-4422 SHOW PROCESSLIST reference to THD::db not protected against simultaneous updates
protect THD::db with THD::LOCK_thd_data
dacb3809 · Sergei Golubchik · f722b15d · dacb3809 · dacb3809
Commit dacb3809 authored Jun 12, 2013 by Sergei Golubchik
Show whitespace changes
Inline Side-by-side

Showing with 12 additions and 4 deletions

sql/sql_class.h sql/sql_class.h +10 -2

sql/sql_show.cc sql/sql_show.cc +2 -2

No files found.
--- a/sql/sql_class.h
+++ b/sql/sql_class.h
@@ -1605,6 +1605,7 @@ public:
    Protects THD data accessed from other threads:
    - thd->query and thd->query_length (used by SHOW ENGINE
      INNODB STATUS and SHOW PROCESSLIST
+    - thd->db and thd->db_length (used in SHOW PROCESSLIST)
    - thd->mysys_var (used by KILL statement and shutdown).
    Is locked when THD is deleted.
  */
@@ -2838,6 +2839,7 @@ public:
  */
  bool set_db(const char *new_db, size_t new_db_len)
  {
+    mysql_mutex_lock(&LOCK_thd_data);
    /* Do not reallocate memory if current chunk is big enough. */
    if (db && new_db && db_length >= new_db_len)
      memcpy(db, new_db, new_db_len+1);
@@ -2850,6 +2852,7 @@ public:
        db= NULL;
    }
    db_length= db ? new_db_len : 0;
+    mysql_mutex_unlock(&LOCK_thd_data);
    return new_db && !db;
  }
@@ -2866,8 +2869,13 @@ public:
  */
  void reset_db(char *new_db, size_t new_db_len)
  {
+    if (new_db != db || new_db_len != db_length)
+    {
+      mysql_mutex_lock(&LOCK_thd_data);
      db= new_db;
      db_length= new_db_len;
+      mysql_mutex_unlock(&LOCK_thd_data);
+    }
  }
  /*
    Copy the current database to the argument. Use the current arena to

--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -2212,10 +2212,10 @@ void mysqld_list_processes(THD *thd,const char *user, bool verbose)
 	  thd_info->host= thd->strdup(tmp_sctx->host_or_ip[0] ?
                                      tmp_sctx->host_or_ip :
                                      tmp_sctx->host ? tmp_sctx->host : "");
-        if ((thd_info->db=tmp->db))             // Safe test
-          thd_info->db=thd->strdup(thd_info->db);
        thd_info->command=(int) tmp->command;
        mysql_mutex_lock(&tmp->LOCK_thd_data);
+        if ((thd_info->db= tmp->db))             // Safe test
+          thd_info->db= thd->strdup(thd_info->db);
        if ((mysys_var= tmp->mysys_var))
          mysql_mutex_lock(&mysys_var->mutex);
        thd_info->proc_info= (char*) (tmp->killed >= KILL_QUERY ?